CVE-2024-52065 Potential stack buffer write overflow in Persistence Service while parsing malicious environment variable on non-Windows systems

🗓️ 13 Dec 2024 10:22:34Reported by RTIType

Potential buffer overflow in Persistence Service on non-Windows systems due to unsafe environment variable parsing.

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2024-52065	13 Dec 202410:40	–	circl
CNNVD	RTI Connext Professional 安全漏洞	13 Dec 202400:00	–	cnnvd
CVE	CVE-2024-52065	13 Dec 202410:22	–	cve
EUVD	EUVD-2024-46108	3 Oct 202520:07	–	euvd
NVD	CVE-2024-52065	13 Dec 202411:15	–	nvd
OSV	CVE-2024-52065	13 Dec 202411:15	–	osv
Positive Technologies	PT-2024-35116 · Real Time Innovations · Rti Connext Professional	13 Dec 202400:00	–	ptsecurity
Vulnrichment	CVE-2024-52065 Potential stack buffer write overflow in Persistence Service while parsing malicious environment variable on non-Windows systems	13 Dec 202410:22	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "modules": [
      "Persistence Service"
    ],
    "platforms": [
      "non-Windows"
    ],
    "product": "Connext Professional",
    "vendor": "RTI",
    "versions": [
      {
        "lessThan": "7.3.0.2",
        "status": "affected",
        "version": "7.0.0",
        "versionType": "custom"
      },
      {
        "lessThan": "6.1.2.21",
        "status": "affected",
        "version": "6.1.1.2",
        "versionType": "custom"
      },
      {
        "lessThan": "5.3.1.41",
        "status": "affected",
        "version": "5.3.1.40",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
rti	www.rti.com/vulnerabilities/

07 Feb 2025 21:49Current

CVSS 46.9

EPSS0.00208

CWE-120